We find that today’s world seems to be leaning more on technology for almost all businesses and even personal use like bill payments, project work in schools, online purchase, maintaining medical records and even just browsing to get basic details like weather reports, sports update etc. This just proves the significant role played by different websites and also reminds us of the fact that so much of our personal details and business-related data actually get stored in these sites. Website security thus plays a vital role in protecting all these details from hackers.
Besides web security, we also find that many people are now also focusing on blocking websites on their computers for several different reasons. Access to some websites is blocked because these websites could be:
- Spreading viruses
- Containing explicit content
- Trying to steal your personal data
- Irrelevant for children
- Hindering the productivity of an organization as employees spend too much time on non-work related browsing
Access to a website can be blocked through several different ways and one such method that can be used for blocking a website is discussed below.
- To control access to websites on just one PC, you can actually block the site at the operating system level. This method is not very hard to execute and will work well across browsers.
- The DNS system translates easy to remember names into corresponding IP addresses. These DNS servers are used to get to websites and remember that your computer has a HOSTS file, which store all these details locally. You can use these details to block access to unwanted websites.
- Always ensure that you have administrator access on your computer. Sign in with an administrator account and then go to C:\Windows\System32\drivers\etc\
- Double-click the file "hosts" and choose Notepad from in order to open the file. Click OK. The last two lines of your hosts file will have to read "# 127.0.0.1 localhost" and "# ::1 localhost".
- It you are not able to edit the file, you will have to right-click the file labeled hosts and then select Properties. Click the Security tab, select the administrator account and then click Edit.
- In the pop-up, select the account again and check Full control. Click Apply > Yes. Now click OK in all pop-ups.
- The addresses of websites to be blocked can be added at the end of the file. This can be done by adding a line at the end of the file, with 127.0.0.1 and then the name of the website that needs to be blocked. These steps will redirect the website's name to your local computer.
- If you want to block Google, for instance, add "127.0.0.1 www.google.com" to the end of the file without the quotation marks. This will help you to block as many sites as you want but always remember you can only add one per line.
- This step should be repeated until you have added all websites you need to block.
- Close the hosts file and click Save.
- Reboot your computer so that all the changes get implemented and you will notice that all those websites are now successfully blocked.
Another way to block access to a website is by installing a good firewall or a filter. Several antivirus software programs are now available with a firewall and some also have an option to obtain one from them. Filtering software, like a parental control internet filter, could also be available via the same companies or you can get it separately. Instead of getting each of these software components separately, you can now go in for one complete software package specialized to provide you with all the security you need for your website and also for preventing the access to unwanted sites. One such web security tool is cWatch Web developed by Comodo, a cybersecurity company.
Firewalls protect an internal computer network against malicious access from the outside, such as malware-infested websites or vulnerable open network ports. Network firewalls are used in businesses, intranets, schools, and homes. A firewall can also be configured to limit the access of internal users to outside connections, for example, in the case of parental controls or workplace locks. The remaining part of this article will talk about the Comodo WAF offered via the cWatch web security tool and also brief you about the other key website security features provided by cWatch,
Comodo Web Application Firewall (WAF)
The Comodo WAF is capable of eliminating application vulnerabilities and shielding websites and web applications from more sophisticated attacks like SQL Injection, Cross-Site Scripting, and Denial-of-Service (DDoS). The Comodo WAF is available with vulnerability scanning, malware scanning, and automatic virtual patching and hardening engines, and hence provides strong security that is wholly managed for customers as part of the Comodo cWatch Web solution.
The key features offered by Comodo WAF include:
- Zero Day Immediate Response Consistent updates of virtual patches for all websites under management and instant response to apply a patch for the zero day attacks when they become known to the public.
- Distributed Denial of Service Protection Globally-distributed Anycast network allows efficient distribution of traffic. It blocks all non-HTTP/HTTPS-based traffic, with a current network capacity in excess of 1 TB/s. Each PoP has multiple 10G and 100G ports, designed to scale and absorb extremely large attacks.
- Stop Website Hacks and Attacks The Comodo WAF protects vulnerable websites by detecting and removing malicious requests and preventing hack attempts. It also focuses on application targeting attacks for example WordPress and plugins, Drupal, Joomla etc.
- Malicious Bot and Brute Force Prevention Malicious bots and brute force attacks are blocked from websites. This WAF provides protection for login pages and account registration forms.
Additional Key Features Offered by cWatch
Some of the other key web security features offered by cWatch include:
- Malware Monitoring and Remediation
Detects malware, provides the methods and tools to remove it, and prevents future malware attacks
- Cyber Security Operations Center (CSOC)
A team of always-on certified cybersecurity professionals providing round-the-clock surveillance and remediation services
- Security Information and Event Management (SIEM)
Advanced intelligence than can leverage existing events and data from 85M+ endpoints and 100M+ domains
- PCI Scanning
Enables service providers and merchants to stay in compliance with the Payment Card Industry Data Security Standard (PCI DSS).
- Secure Content Delivery Network (CDN)
A global system of distributed servers to enhance the performance of websites and web applications
- cWatch Web provides protection against the OWASP Top 10
The OWASP Top Ten is a published list of the top 10 forms of website attacks determined by polling experts in web communication in order to attain a broad consensus on what threats should be of greatest concern. The OWASP top 10 incudes:
- SQL Injection
- Cross Site Scripting
- Sensitive Data Exposure
- Missing Function Level Access Control
- Components with known vulnerabilities
- Security Misconfiguration
- Insecure Direct Object References
- Broken Authentication and Session Management
- Cross Site Request Forgery (CSRF)
- Un-validated redirects and Forwards